kafka-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rajini Sivaram (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (KAFKA-7168) Broker shutdown during SSL handshake may be handled as handshake failure
Date Wed, 18 Jul 2018 11:34:00 GMT

     [ https://issues.apache.org/jira/browse/KAFKA-7168?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Rajini Sivaram resolved KAFKA-7168.
-----------------------------------
       Resolution: Fixed
    Fix Version/s: 2.1.0
                   2.0.1

> Broker shutdown during SSL handshake may be handled as handshake failure
> ------------------------------------------------------------------------
>
>                 Key: KAFKA-7168
>                 URL: https://issues.apache.org/jira/browse/KAFKA-7168
>             Project: Kafka
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 1.0.2, 1.1.1, 2.0.0
>            Reporter: Rajini Sivaram
>            Assignee: Rajini Sivaram
>            Priority: Major
>             Fix For: 2.0.1, 2.1.0
>
>
> If broker is shutdown while SSL handshake of a client connection is in progress, the
client may process the resulting SSLException as a non-retriable handshake failure rather
than a retriable I/O exception. This can cause streams applications to fail during rolling
restarts.
> Exception stack trace:
> {quote}
> org.apache.kafka.common.errors.SslAuthenticationException: SSL handshake failed
> Caused by: javax.net.ssl.SSLException: Received close_notify during handshake
>         at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
>         at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1639)
>         at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1607)
>         at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1752)
>         at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1068)
>         at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:890)
>         at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:764)
>         at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
>         at org.apache.kafka.common.network.SslTransportLayer.handshakeUnwrap(SslTransportLayer.java:465)
>         at org.apache.kafka.common.network.SslTransportLayer.handshake(SslTransportLayer.java:266)
>         at org.apache.kafka.common.network.KafkaChannel.prepare(KafkaChannel.java:88)
>         at org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:474)
>         at org.apache.kafka.common.network.Selector.poll(Selector.java:412)
>         at org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:460)
>         at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:258)
>         at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:230)
>         at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:206)
>         at org.apache.kafka.clients.consumer.internals.AbstractCoordinator.ensureCoordinatorReady(AbstractCoordinator.java:219)
>         at org.apache.kafka.clients.consumer.internals.AbstractCoordinator.ensureCoordinatorReady(AbstractCoordinator.java:205)
>         at org.apache.kafka.clients.consumer.internals.ConsumerCoordinator.poll(ConsumerCoordinator.java:284)
>         at org.apache.kafka.clients.consumer.KafkaConsumer.pollOnce(KafkaConsumer.java:1146)
>         at org.apache.kafka.clients.consumer.KafkaConsumer.poll(KafkaConsumer.java:1111)
>         at org.apache.kafka.streams.processor.internals.StreamThread.pollRequests(StreamThread.java:848)
>         at org.apache.kafka.streams.processor.internals.StreamThread.runOnce(StreamThread.java:805)
>         at org.apache.kafka.streams.processor.internals.StreamThread.runLoop(StreamThread.java:771)
>         at org.apache.kafka.streams.processor.internals.StreamThread.run(StreamThread.java:741)
> {quote}
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message